
Application Security Engineer
Posted 10 hours ago

Posted 10 hours ago
This is a fully remote position, open to applicants in Nigeria.
• Serve as a Security Champion within product teams, guiding design and engineering choices to prioritize security from the very beginning.
• Create solutions that are Secure by Design, incorporating threat modeling and security requirements into feature architecture and design evaluations.
• Advocate for and enforce Secure Coding standards through CI/CD automation, peer reviews, and development training to minimize vulnerabilities at their origin.
• Oversee Vulnerability Management & Remediation, managing the identification, risk-based prioritization, and tracking of remediation efforts for security concerns.
• Establish and maintain standard security packages (e.g., secure configuration baselines, code templates, CI/CD security integrations) for uniform application across engineering teams.
• Conduct and facilitate Penetration Testing, using both manual and automated methods to identify vulnerabilities across environments, platforms, and release cycles.
• Foster continuous improvement through Collaboration & Enablement, providing security knowledge transfer, best practices, and feedback loops among teams.
• 3 - 5 years of practical experience in application security (AppSec), DevSecOps, or related positions.
• Software engineer with a strong interest in Security.
• A minimum of 2 years’ experience working within an engineering team is advantageous.
• Profound understanding of the secure software development lifecycle (SDLC) and the principles of secure-by-design engineering.
• Expertise in security scanning tools (e.g., SAST, DAST, SCA), incident response, remediation workflows, and security automation.
• Proficient in coding with Java/Python/JavaScript and working with cloud platforms (AWS/Azure/GCP).
• Demonstrated experience in pentesting or red-team operations, pinpointing and exploiting application-level vulnerabilities.
• Strong communication skills, capable of translating technical risks into actionable steps and assisting engineers in implementing security enhancements.
• Ability to build trust as a security mentor and advocate, enhancing security maturity across teams with patience and influence.
• Contributions to security tools or open-source initiatives.
• OSCP, OSCE, GXPN, or equivalent offensive security certifications are a plus.
• Experience with container security.
• Culture - We prioritize our people and the well-being of every team member. We have cultivated a company where all opinions matter and every voice is acknowledged. We value and respect one another and consistently look out for each other. Above all, we are human.
• Learning - Our environment is centered on learning and development, emphasizing knowledge sharing, training, and regular internal technical discussions.
• Compensation - You will receive a competitive salary, pension, health insurance, Employee Stock Options, an annual bonus, and additional benefits.
Umdasch Group
Applaudo
Unisys
Switzerland Global Enterprise
Get handpicked remote jobs straight to your inbox weekly.